GHSA-9r4w-jg96-92mvMediumCVSS 6.8Disclosed before NVD

Go-Attestation: Hash injection into trusted measurement list via unskipped SignatureHeaderSize vendor bytes in parseEfiSignatureList()

Published
June 12, 2026
Last Modified
June 12, 2026

📋 Description

Summary

parseEfiSignatureList() in attest/internal/events.go does not skip SignatureHeaderSize vendor bytes before reading EFI_SIGNATURE_LIST signature entries, violating UEFI specification section 31.4.1.

Impact

For hashSHA256SigGUID lists, attacker-controlled vendor header bytes are appended directly to the trusted SHA256 hash list. A crafted TPM event log can inject arbitrary SHA256 hashes into the verifier's trusted measurement database, allowing a remote attestation verifier to accept a compromised boot state as legitimate — breaking the core integrity guarantee of remote attestation.

Root Cause

After binary.Read(&signatures.Header) reads 28 bytes, buf points to the start of the SignatureHeaderSize vendor bytes. Both entry loops start at sigOffset := 0 instead of sigOffset := SignatureHeaderSize, causing vendor bytes to be read as signature entries.

Affected versions

All versions through commit f877374 (2026-05-15).

Fix

Pull request: https://github.com/google/go-attestation/pull/502

  • Add bound check: SignatureHeaderSize must not exceed remaining list space
  • Skip SignatureHeaderSize bytes before both entry loops
  • Regression test: TestParseEfiSignatureListNonZeroSignatureHeaderSize

🎯 Affected products1

  • go/github.com/google/go-attestation:<= 0.5.0

🔗 References (5)